CERT-MU :Vulnerability

Home | Search | FAQ | Site Map | Contact Us

|| Hotline : 800 2378 || To contact CERT-MU send e-mail on --> info[at]cert-mu.gov.mu || To report incident e-mail on --> incident[at]cert-mu.gov.mu || To report Vulnerabilities send e-mail on --> Vulnerability[at]cert-mu.gov.mu ||

Charter & Mission

CERT-MU Services

Constituency

Authority

Incident Reporting

Vulnerability Reporting

Incident Statistics Forms

Vol. 2, Feb 2012

Vol. 1, Oct 2011

World CERTs

Security Sites

Security Tools

Antivirus Resources

Email Abuse

Network Abuse

Anti-Spam Initiative

Cyber Security Portal

Safer Internet Day

Computer Security Day

National Computer Board

Authorized to use CERT(TM) - CERT is a mark owned by Carnegie Mellon University

CERT-MU Vulnerability Note VN-2009-26

Adobe Reader and Acrobat Remote Code Execution Vulnerability

Original Issue Date: October 14, 2009

Severity Rating: High

Affected Softwares

Adobe Reader 9.1.3 and earlier versions
Adobe Acrobat 9.1.3 and earlier versions

Overview

A vulnerability has been reported in Adobe Reader and Acrobat, which could allow a remote attacker to execute an arbitrary code or causes denial of service condition.

Description

This vulnerability is caused due to an unspecified error in parsing PDF file in Adobe Reader and Acrobat. A remote attacker could exploit this vulnerability by tricking a user into opening a specially crafted PDF file resulting in arbitrary code execution in the context of the user running the affected application or cause denial of service (DoS) condition.

Workarounds